DV SSL/TLS Certificate for paulogasparotto.com.br

Certificate is witin its validity period

Issued by Let's Encrypt (R11)

About the paulogasparotto.com.br DV SSL/TLS Certificate

This certificate with serial number 05:64:e2:31:3c:79:ff:0a:aa:cf:7a:b9:2c:58:9f:d8:9d:28 for paulogasparotto.com.br was issued on by Let's Encrypt.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for paulogasparotto.com.br provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 05:64:e2:31:3c:79:ff:0a:aa:cf:7a:b9:2c:58:9f:d8:9d:28
Serial Number (int): 469890327527098654230005487329454115560744
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: 07:c8:71:97:3d:9d:aa:30:b3:01:fe:a8:a3:b8:47:f0:fb:6d:65:a6
Authority Key Identifier: c5:cf:46:a4:ea:f4:c3:c0:7a:6c:95:c4:2d:b0:5e:92:2f:26:e3:b9

Fingerprint (SHA-1): 17:05:1f:c0:cc:58:f6:54:54:49:94:a1:a0:bf:9e:3b:c8:74:ac:48
Fingerprint (SHA-256): 77:9e:8c:7f:a4:30:f3:72:7c:3d:03:b8:07:81:b9:2f:98:a1:2f:d2:b7:d2:d0:3f:0d:ec:eb:57:9d:93:2b:b1

Issuing Certificate URL: http://r11.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r11.c.lencr.org/41.crl

Check the revocation status for certificate paulogasparotto.com.br
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for paulogasparotto.com.br

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for paulogasparotto.com.br in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISBWTiMTx5/wqqz3q5LFif2J0oMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTEwHhcNMjUwNTA4MTkxMjM2WhcNMjUwODA2MTkxMjM1WjAhMR8wHQYDVQQD
ExZwYXVsb2dhc3Bhcm90dG8uY29tLmJyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAwBpms+amIbnHAIbqMpQW+/fiwISAAOX4/23rtBoUxu6Jqg4/dQiD
GuJD+JOfvU+8LggERb7iiS2Ys9i/EB8i3z6Jm6ZQBY8c0GO5swV/XmLQZBafQmSp
K2vVrjmQgBBqzwj0SVqlpHe+OpZ55IsyAc3EEh6zcsVlX6oAzfrn6QWODlb5muAV
EvFDxRWfrjNzjG2eLMvaSd2umLJ9dsBdyrK2I2SuHkXJMZvGrDjvxpVC+cDVLSw9
c20PC2GKf/jYQDzSq9ez/w6LUXCKUXu/6ZooMYrM0iFrlyYvXS2v/z0S27uX10rT
Yg3BVLU4yHanLHiO8afN1gZaAH1pca4CMQIDAQABo4ICQDCCAjwwDgYDVR0PAQH/
BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8E
AjAAMB0GA1UdDgQWBBQHyHGXPZ2qMLMB/qijuEfw+21lpjAfBgNVHSMEGDAWgBTF
z0ak6vTDwHpslcQtsF6SLybjuTAzBggrBgEFBQcBAQQnMCUwIwYIKwYBBQUHMAKG
F2h0dHA6Ly9yMTEuaS5sZW5jci5vcmcvMDsGA1UdEQQ0MDKCGCoucGF1bG9nYXNw
YXJvdHRvLmNvbS5icoIWcGF1bG9nYXNwYXJvdHRvLmNvbS5icjATBgNVHSAEDDAK
MAgGBmeBDAECATAuBgNVHR8EJzAlMCOgIaAfhh1odHRwOi8vcjExLmMubGVuY3Iu
b3JnLzQxLmNybDCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2AMz7D2qFcQll/pWb
U87psnwi6YVcDZeNtql+VMD+TA2wAAABlrGF7vMAAAQDAEcwRQIgC1YhijVW9pkh
e6M8Or0pT36PcSMW5d2XRCzUOpds4FkCIQCOc+xvleA0/Kkgco2gJp58Fx7L04EL
Xn/NGhoOll2umQB2ABLxTjS9U3JMhAYZw48/ehP457Vih4icbTAFhOvlhiY6AAAB
lrGF7uoAAAQDAEcwRQIgaWG2Ozd6mg/xv+Tg7kKjTxFVjboYDCN5wA32ULxrWyUC
IQCH7zq69f0T/i66MR3XMHzvVTmyyefuyzuTttRXnIuK5zANBgkqhkiG9w0BAQsF
AAOCAQEAqfFq0yxUmHHMlwTprtnv4FhBoT2i/xBnU8M9qaEheGtIUUrUwg4HifOn
Pkgw+Rdi6x6/eiN7JUwmv4ujhkg4sEQm4/n7uI3edKGPynRGbpfSiXX0ilsv475l
qJobAu6oIgCwsWu65QyNgLvB6uNtX94zqnDkOwdmC+VURVg/p/gc72gXJuhpEMik
+m+H5zYU+m45ASc0QPooUlJhZQevbo6+2/BV/plRt6UDiyrp+SM18jdqbot+idvI
fK0cwd3gG/1P4lOzh4vjs0nqBEcKFibrydTFQUY+vs6fKwvWhQJyJOjGmXGlTVNc
YsKgcHykF3kEl+JmbSJauoHZIla1Gg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBpms+amIbnHAIbqMpQW
+/fiwISAAOX4/23rtBoUxu6Jqg4/dQiDGuJD+JOfvU+8LggERb7iiS2Ys9i/EB8i
3z6Jm6ZQBY8c0GO5swV/XmLQZBafQmSpK2vVrjmQgBBqzwj0SVqlpHe+OpZ55Isy
Ac3EEh6zcsVlX6oAzfrn6QWODlb5muAVEvFDxRWfrjNzjG2eLMvaSd2umLJ9dsBd
yrK2I2SuHkXJMZvGrDjvxpVC+cDVLSw9c20PC2GKf/jYQDzSq9ez/w6LUXCKUXu/
6ZooMYrM0iFrlyYvXS2v/z0S27uX10rTYg3BVLU4yHanLHiO8afN1gZaAH1pca4C
MQIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 469890327527098654230005487329454115560744
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R11'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-08 19:12:36 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-08-06 19:12:35 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'paulogasparotto.com.br'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24250773461830370160341650879426201697320410426703634673072922749743017482248354743384068089706907890318900401152927270107844105020483185141152684304952843815667397542317802849562810761330132960270979852640846639457578893086879765335153387538473047395482989964848168549317214652362550161561538788672349988359212142872676675520270059828430647047579448009375734629817907453146823434663811878706161326446354311851631308610511820482330237559204891047429152926463398591848459777922187808037898576884455227115687158748153294987319621258217099884682202618313000112658664930166708590773196204431888581108036217448211694879281
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							07c871973d9daa30b301fea8a3b847f0fb6d65a6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.paulogasparotto.com.br'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'paulogasparotto.com.br'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.c.lencr.org/41.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db000000196b185eef3000004030047304502200b56218a3556f699217ba33c3abd294f7e8f712316e5dd97442cd43a976ce0590221008e73ec6f95e034fca920728da0269e7c171ecbd3810b5e7fcd1a1a0e965dae9900760012f14e34bd53724c840619c38f3f7a13f8e7b56287889c6d300584ebe586263a00000196b185eeea000004030047304502206961b63b377a9a0ff1bfe4e0ee42a34f11558dba180c2379c00df650bc6b5b2502210087ef3abaf5fd13fe2eba311dd7307cef5539b2c9e7eecb3b93b6d4579c8b8ae7
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00a9f16ad32c549871cc9704e9aed9efe05841a13da2ff106753c33da9a121786b48514ad4c20e0789f3a73e4830f91762eb1ebf7a237b254c26bf8ba3864838b04426e3f9fbb88dde74a18fca74466e97d28975f48a5b2fe3be65a89a1b02eea82200b0b16bbae50c8d80bbc1eae36d5fde33aa70e43b07660be55445583fa7f81cef681726e86910c8a4fa6f87e73614fa6e3901273440fa285252616507af6e8ebedbf055fe9951b7a5038b2ae9f92335f2376a6e8b7e89dbc87cad1cc1dde01bfd4fe253b3878be3b349ea04470a1626ebc9d4c541463ebece9f2b0bd685027224e8c69971a54d535c62c2a0707ca417790497e2666d225aba81d92256b51a